﻿Imports System.Data
Imports System.Data.OleDb
Imports System.Web.Configuration
Imports System.Text.RegularExpressions
Imports System.Web.Security
Partial Class _Default
    Inherits System.Web.UI.Page
    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        'check if the user is already logged in, and if so, redirect to home page
        If Page.User.Identity.IsAuthenticated Then
            Response.Redirect("~/home.aspx")
        End If
    End Sub

    Protected Sub button_register_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles button_register.Click
        Me.p_nicknameError.Visible = False
        Dim myTicket As FormsAuthenticationTicket
        Dim ID As Integer
        Dim myConnection = New OleDbConnection()
        myConnection.ConnectionString = WebConfigurationManager.ConnectionStrings("yobboGuitar").ConnectionString
        'declare and instantiate command objects
        Dim myCommand_checkForDuplicateUserName = New OleDbCommand("SELECT COUNT(ID) from users WHERE userEmailAddress=?;")
        Dim myCommand_checkForDuplicateNickName = New OleDbCommand("SELECT COUNT(ID) from users WHERE nickName=?;")

        myCommand_checkForDuplicateUserName.Parameters.Add(New OleDbParameter("userEmailAddress", Me.textBox_userEmailAddress.Text))
        myCommand_checkForDuplicateNickName.Parameters.Add(New OleDbParameter("nickName", Me.textBox_nickName.Text))

        Dim myCommand_insertNewUser = New OleDbCommand("INSERT INTO users (userEmailAddress, passwordHash, nickName, userAccessLevel) VALUES (?, ?, ?, 1);")
        Dim myCommand_getID = New OleDbCommand("SELECT @@Identity;")
        myCommand_insertNewUser.Parameters.Add(New OleDbParameter("userEmailAddress", Me.textBox_userEmailAddress.Text))
        myCommand_insertNewUser.Parameters.Add(New OleDbParameter("passwordHash", FormsAuthentication.HashPasswordForStoringInConfigFile(Me.textBox_password.Text, "MD5")))
        myCommand_insertNewUser.Parameters.Add(New OleDbParameter("nickName", Me.textBox_nickName.Text))
        Try
            'open connection
            myConnection.Open()
            'set connection property of command objects
            myCommand_checkForDuplicateUserName.Connection = myConnection
            myCommand_checkForDuplicateNickName.Connection = myConnection
            myCommand_insertNewUser.Connection = myConnection
            myCommand_getID.Connection = myConnection
            'execute command to check for duplicate user
            If myCommand_checkForDuplicateUserName.ExecuteScalar() = 0 Then 'no duplicate username is present, so check for duplicate nickname 
                If myCommand_checkForDuplicateNickName.ExecuteScalar() = 0 Then
                    'register new user and authenticate them
                    'execute command to insert new user
                    myCommand_insertNewUser.ExecuteNonQuery()
                    'get ID of record inserted
                    ID = myCommand_getID.ExecuteScalar()
                    'set authentication cookie (to log in the new user) and redirect to home page
                    myTicket = New FormsAuthenticationTicket(1, Me.textBox_userEmailAddress.Text, DateTime.Now, DateTime.Now.AddMinutes(60), False, ID & ",1")
                    Dim myCookie As New HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(myTicket))
                    Response.Cookies.Add(myCookie)
                    Response.Redirect("~/home.aspx", False)
                Else
                    Me.p_nicknameError.Visible = True 'display duplicate nickname error
                    Me.textBox_nickName.Text = "<enter new nickname>"
                    myConnection.Close()
                End If
            Else 'a user is already registered with the email address entered
                Me.div_alreadyRegistered.Visible = True
                Me.Table1.Visible = False
                Me.button_register.Visible = False
                Me.LinkButton_returnToHomePage.Visible = True
            End If
            'close connection
            myConnection.Close()
        Catch ex As Exception
            'redirect to error message page
            Response.Redirect("~/error.htm")
        Finally
            myConnection.Close()
        End Try
    End Sub
End Class
